Department of Defense L4: FAQ

As more DoD customers look to leverage Azure Government cloud computing capabilities to modernize and create opportunities for agility within the mission space, there are a common set of questions that arise. We pulled the most frequently asked questions together to provide some guidance.

Q: As a DoD customer, how do I acquire Azure Government?

A: DoD customers have many options for acquiring Azure Government cloud services – either through one of our authorized Microsoft Licensing Partners or through one of the many Microsoft Solution Partners on a range of contract vehicles including:

GSA IT-70

GSA Cloud Services OCSC BPA

Department of Interior FCHS

NASA SEWP V

NITAAC CIO-SP3

NITAAC CIO-CS

GSA Alliant

Air Force NETCENTS-2

Air Force NETCENTS-2 (SB)

Navy Seaport-e

Customers pay only for the Azure Government services consumed - with no upfront capital investment.

Q: What types of solutions can I build on the services available on Azure Government today?

A: DoD customers are deploying a wide range of solutions on Azure Government today built on both on both our IaaS and PaaS offerings. These include:

A: Yes, Azure Government is approved for development, test AND production workloads that are categorized by the data owner or equivalent as Impact Level 4.

Q: How is Azure Government different from competitive offerings from other commercial cloud vendors?

A: Azure Government is an engineered solution built specifically to the needs of our Federal, State and Local government customers. As such, we offer a number of differentiators from our competition.

Microsoft Azure Government provides a government-only network spanning multiple geographic regions greater than 500 miles apart for high availability and disaster recovery purposes.

Microsoft Azure Government is the only commercial, hyperscale cloud vendor with DoD Impact Level 4 Provisional Authorization offering both IaaS and PaaS services. PaaS services provide the DoD customer with significant opportunities beyond simply re-hosting to reduce both capital and operational expenditures by reducing the costs of managing and maintaining infrastructure and perpetual software licensing as well as opportunities to innovate and transform legacy applications.

Microsoft offers enterprise scale hybrid cloud capability that does not rely on third party vendors for hosting facilities or bolt-on solutions. Given the DoD’s investments in on-premises applications and datacenter infrastructure, it is critical that there be a glide path for migrating from on-premises to commercial cloud solutions. ‘Cloud First’ should not and cannot mean ‘Cloud Only’.

Microsoft provides first party support for Active Directory, the directory services standard throughout the DoD, with Azure Active Directory. Our competition relies on 3rd party tools and deploying additional infrastructure to support directory services and identity federation.

Microsoft offers first-party support for workloads deployed on Azure Government that utilize other Microsoft technology (Windows Server, SQL Server, SharePoint, etc.) as well as that same level of support for Oracle, Red Hat and other 3rd party partnerships. Our competition provides ‘best effort’ support for Microsoft workloads and varying degrees of support for third-party solution.

Q: What Azure Government services are included in your current DoD Impact Level 4 Provisional Authorization?

A: The following Azure Government services are currently covered by our current DoD Impact Level 4 Provisional Authorization:

Azure Active Directory

Application Gateway

Cloud Services

Load Balancer

SQL Database

Storage

Traffic Manager

Virtual Machines

Virtual Network

VPN Gateway

Azure Key Vault

Azure Web Apps

ExpressRoute

Q: How will Azure Government make services available and compliant for government customers so that Impact Level 4 doesn’t become stale?

A: Our Azure Government Engineering team is committed to a continuous compliance program by which Microsoft is submitting additional services to FedRAMP and the DoD for accreditation on a regular, repeatable cadence. Azure Government is an ‘evergreen’ platform - introducing innovation through new and the expansion of existing services with complimentary compliance capability on a continuous basis - similarly to how we achieve these same goals in the public cloud. Look for updates in this space related to new service announcements and compliance updates.

Q: With Impact Level 4 workloads traffic must be routed through a DoD-approved cloud access point. Does Microsoft’s Azure Government solution support this?

A: We support connectivity to multiple DoD cloud access points (CAPs) through our ExpressRoute service. This service allows customers to create private connections between Azure Government’s datacenters and DoD network infrastructure in 3rd party colocation environments. More information on the ExpressRoute service can be found at https://azure.microsoft.com/en-us/services/expressroute/.

We welcome your comments and suggestions to help us improve your Azure Government experience. To stay up to date on all things Azure Government, be sure to subscribe to our RSS feed and to receive emails by clicking “Subscribe by Email!” on the Azure Government Blog.